CSC 774 Advanced Network Security

Instructional Objectives

Topics covered in homework assignments are included in the scope of exams. The final exam include the topics for the mid-term exams.

Topics for Mid-Term Exam #1

Topic 2. Review of Cryptographic Techniques

  1. Be able to explain the following concepts: plaintext, cipher text, encryption, decryption, key, cryptanalysis (cipher text only, known plaintext, chosen plaintext, chosen cipher text), block cipher, stream cipher, secret key cryptography, public key cryptography, digital signature, hash function, pseudo random generator, pseudo random function
  2. The four modes of block cipher. That is, ECB, CBC, CFB, and OFB. Explain the advantages and the disadvantages of each mode. Be able to choose the right mode for different applications.
  3. Explain what is message authentication and the goals of message authentication.
  4. Explain the following concepts related to hash function: one-way property, weak collision free, strong collision free, birthday attack. Understand the implication of birthday attack. Explain how block chaining techniques can be used to build hash function and why it is insufficient.
  5. Explain the following concepts: authentication, user authentication, three things on the basis of which user authentication is based.
  6. Be able to explain and use the following crypto primitives: one-way hash chain, Merkle hash tree (how to construct, and how to use for authentication).

A common theme in topics 3 and 4 is the use of hash functions for efficient protocols. Pay special attention to how hash functions are used in these techniques.

Topic 3. Electronic Payment Systems

  1. Be able to explain the NetBill transaction model and the NetBill transaction protocol.
  2. Be able to explain the purpose of every component of every NetBill protocol message.
  3. Be able to use symetric key to reduce the delivery (or exchange) of large messages to the delivery (or exchange) of the key.
  4. Be able to explain the difference between the basic protocol and the variations of the basic protocol for zero-priced goods in terms of cost, functionalities, and assumptions, including zero-price certified delivery, certified delivery without NetBill server, verified delivery, and unverified delivery.
  5. Be able to describe PayWord and MicroMint protocols.
  6. Explain the PayWord model, why it works, the applications it is intended for. Be able to decide what PayWord to use based on the payment context information.
  7. Explain the difference between PayWord and MicroMint.Explain the MicroMint model.Explain who makes the coins, how to make the coins, and the security of the coins.
  8. Explain how the double spending problem is addressed by MicroMint and PayWord
  9. Be able to explain: fair exchange, fair exchange through TTP, optimistic fair exchange, strong fairness, weak fairness, generatable and revocable items.
  10. Consider the optimistic fair exchange prototol covered in class. Be able to explain the goal of each component in each message. Be able to describe how to recover from failures for both parties. Be able to identify the NRO and NRR tokens for each party and why they can be used for this purpose.
  11. Consider the simplied versions of the optimistic fair exchange protocol. Be able to explain why these versions can be simplifed and what properties of the exchanged items are exploited to simplify the exchange.Be able to identify the NRO and NRR tokens for each party in these protocols and explain why they can be used for such purposes.
  12. Be able to identify unfairness in fair exchange protocols. Be able to identify strong fairness and week fairness achieved for each party in fair exchange protocols.

Topic 4. Broadcast Authentication

  1. Be able to explain: broadcast authentication, the challenges in broadcast authentication, why point-to-point authentication cannot be used for broadcast authentication directly.
  2. Be able to describe TESLA schemes, the security condition of TESLA, the protocol to synchronize sender and receivers.
  3. Be able to determine if a TESLA packet can be authenticated, and how to authenticate it if yes. Be able to determine which TESLA scheme should be used for a given broadcast authentication application.
  4. Be able to explain the DoS attacks against the TESLA protocol and the immediate authentication extension.
  5. Consider EMSS. Given a set of packets, be able to determine what packets can be authenticatted and how to authenticate them (the sequence of operations).

Topics for Mid-Term Exam #2

Topic 4. Broadcast Authentication

  1. Be able to explain how SEALs are generated and used in BiBa.
  2. Be able to explain how BiBa signatures are generated and verified.
  3. Be able to describe how SEALs are used for broadcast authentication.

Topic 5. Group Key Management

  1. Be able to explain the difference between group key agreement and group key distribution.
  2. Be able to describe the generic group DH, GDH.1, GDH.2, and GDH.3 protocols. Be able to describe the overhead of GDH.x protocols, including #messages, #rounds, #exponentiations per member, total size of messages.
  3. Given a group key agreement protocol based on DH, be able to determine if it is vulnerable to replay attacks, man-in-the-middle attacks, resouce consumption attacks, DOS attacks.
  4. Be able to explain the key tree constructed in TGDH and the difference from the constructions in GDH protocols.
  5. Be able to explain how the group membership events (member join, member leave, group partition, and group merge) are handled in TGDH.
  6. Be able to explain group key secrecy, forward secrecy, backward secrecy, and key independence.
  7. Be able to explain what are "1 affects n" problem and "1 does not equal n" problem.
  8. Be able to describe the Iolus approach. Be able to determine the cost of secure group communication in Iolus, including # encryption/decryption required, # group keys and pairwise keys each member needs, and # messages. Be able to determine the cost to used Iolus for group key distribution with the above costs.
  9. Be able to describe LKH. Be able to describe how a member is added and deleted, the changes in the key tree. Be able to determine the cost involved in group member changes (addition and deletion), including the number of keys each member and the group mamager need to store, the size and the number of messages required for group member addition and deletion.

Topic 6. MANET Security

  1. Be able to describe the DSR protocol, including the route discovery phase and the route maintaince phase.
  2. Be able to describe the attacks against MANET routing protocols: active attacks, passive attacks, routing disruption attacks (black hole, gray hole, wormhole, rushing attacks),
  3. Be able to explain and use the mechanisms adopted by Ariadne, include the authentication with pairwise secret keys, TESLA, digital signatures, and per-hop hashing. Be able to find flaws if these mechanisms are used improperly.

Topic 7. Security in Sensor Networks

  1. Be able to describe the specifical properties of sensor networks (low cost, low power, multi-functional nodes in unattended environments, wireless communication).
  2. Be able to explain the difference of sensor network security from traditional network security (1. resource constraints; 2. nodes subject to capture)
  3. Be able to explain and use the basic probabilistic key predistribution scheme. Be able to determine the parameters given the probability to establish pairwise keys and the network size.
  4. Be able to explain and use q-compositie scheme, multi-path enforcement for path key establishment, and random pairwise keys scheme.
  5. Be able to explain and use the two methods for shared key discovery (1. broadcast the list of key ids; 2. broadcast a list of challenges). Be able to explain the advantages and the disadvantages of both methods.
  6. Be able to explain and use the polynomial-based key predistribution sheme, the polynomial pool-based key predistribution schemes (the general framework, the random subset assignment scheme, and the grid-based scheme). In particular, be able to compute keys with the above schemes, be able to perform shared key discovery and path discovery in the random subset assignment and the grid-based scheme.
  7. Be able to explain and use the optimization technique in the paper to perform polynomial evaluation. (Not included in mid-term #2.)